package com.demo.jFinalAndShiroDemo.web;


import javax.servlet.http.HttpServletRequest;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;

import com.jfinal.core.Controller;

public class LoginController extends Controller {

    public void login() {
    	HttpServletRequest req = getRequest();
		if (req.getMethod().equalsIgnoreCase("GET")) {
    		renderJsp("login.jsp");
		}else {
			//登录成功？
			System.out.println("登录成功");
			Subject subject = SecurityUtils.getSubject();
			
			subject.isAuthenticated();
//			subject.checkRole("hello");
			if (!subject.isAuthenticated()) {
				
			}
    		String exceptionClassName = getAttr(FormAuthenticationFilter.DEFAULT_ERROR_KEY_ATTRIBUTE_NAME);
    		String error = null;
    		if(UnknownAccountException.class.getName().equals(exceptionClassName)) {
    			error = "用户名/密码错误";
    		} else if(IncorrectCredentialsException.class.getName().equals(exceptionClassName)) {
    			error = "用户名/密码错误";
    		} else if(exceptionClassName != null) {
    			error = "其他错误：" + exceptionClassName;
    		}
    		if (error != null) {
    			setAttr("error",error);			
    			renderJsp("login.jsp");
			}
		}
    }
    


}
